diff options
author | Maximilian Hils <git@maximilianhils.com> | 2015-09-06 03:20:58 +0200 |
---|---|---|
committer | Maximilian Hils <git@maximilianhils.com> | 2015-09-06 03:20:58 +0200 |
commit | b4013659a81a48908eb3e060f04143ba1f9689bb (patch) | |
tree | 1571be3f8cb85f6e593c369a8d3ca50cb87e107b /docs/transparent.rst | |
parent | eb2334c6cb7c9ab9c260bc609ae43fb53d441f6f (diff) | |
download | mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.tar.gz mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.tar.bz2 mitmproxy-b4013659a81a48908eb3e060f04143ba1f9689bb.zip |
docs :tada:
Diffstat (limited to 'docs/transparent.rst')
-rw-r--r-- | docs/transparent.rst | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/docs/transparent.rst b/docs/transparent.rst index fbc94e08..05325283 100644 --- a/docs/transparent.rst +++ b/docs/transparent.rst @@ -3,4 +3,22 @@ Transparent Proxying ==================== -TODO
\ No newline at end of file +When a transparent proxy is used, traffic is redirected into a proxy at the +network layer, without any client configuration being required. This makes +transparent proxying ideal for those situations where you can't change client +behaviour - proxy-oblivious Android applications being a common example. + +To set up transparent proxying, we need two new components. The first is a +redirection mechanism that transparently reroutes a TCP connection destined for +a server on the Internet to a listening proxy server. This usually takes the +form of a firewall on the same host as the proxy server - iptables_ on Linux +or pf_ on OSX. When the proxy receives a redirected connection, it sees a vanilla +HTTP request, without a host specification. This is where the second new component +comes in - a host module that allows us to query the redirector for the original +destination of the TCP connection. + +At the moment, mitmproxy supports transparent proxying on OSX Lion and above, +and all current flavors of Linux. + +.. _iptables: http://www.netfilter.org/ +.. _pf: https://en.wikipedia.org/wiki/PF_\(firewall\)
\ No newline at end of file |